CVE-2020-36387

Опубликовано: 07 июн. 2021

Источник: debian

EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
linux	fixed	5.7.17-1		package
linux	not-affected		buster	package
linux	not-affected		stretch	package

Примечания

https://git.kernel.org/linus/6d816e088c359866f9867057e04f244c608c42fe

EPSS

Процентиль: 18%

0.00057

Низкий

Связанные уязвимости

CVE-2020-36387

CVSS3: 7.8

ubuntu

больше 4 лет назад

An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.

CVE-2020-36387

CVSS3: 8.4

redhat

больше 5 лет назад

An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.

CVE-2020-36387

CVSS3: 7.8

nvd

больше 4 лет назад

An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.

GHSA-h865-4c46-jfqg

CVSS3: 7.8

github

больше 3 лет назад

An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.

EPSS

Процентиль: 18%

0.00057

Низкий